If you find your Rails application behaving a little bit "schizophrenic" regarding HTTP and HTTPS, and you are using Nginx as proxy in front of your Mongrel or Thin servers, then is possible that you are suffering a lack of headers.
This disease is easily cured by the administration of a single dosis of:
To your nginx.conf. Off course this treatment is only recommended for SSL enabled configurations.
Basically the problem is that if the header is not set, the Rails application doesn't know that the request is HTTPS, and responds with a regular HTTP response. Depending on your configuration and what are you doing with your application the problem can not arise until you get a somethinbg like a HTTP redirect from your application hitting the wrong port (443)
This disease is easily cured by the administration of a single dosis of:
proxy_set_header X_FORWARDED_PROTO https;
To your nginx.conf. Off course this treatment is only recommended for SSL enabled configurations.
Basically the problem is that if the header is not set, the Rails application doesn't know that the request is HTTPS, and responds with a regular HTTP response. Depending on your configuration and what are you doing with your application the problem can not arise until you get a somethinbg like a HTTP redirect from your application hitting the wrong port (443)
Leave a comment